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^ Creating a Linux Firewall Using the TIS Toolkit 
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Full text available: html(27.94 KB) Additional Information: full citation , abstract , index terms 

Get flexible and reliable control of your network's interaction with the outside world 

2 Integrating security in a large distributed systenn 
M. Satyanarayanan 



August 1989 ACM Transactions on Computer Systems (TOCS), Volume 7 issue 3 
Publisher: ACM Press 

Full text available: Pl pdf(2.90 MB) Additional Information: full citation, abstract, references, citings, index 

terms , review 

Andrew is a distributed computing environment that is a synthesis of the personal 
computing and timesharing paradigms. When mature, it is expected to encompass over 
5,000 workstations spanning the Carnegie Mellon University campus. This paper examines 
the security issues that arise in such an environment and describes the mechanisms that 
have been developed to address them. These mechanisms include the logical and physical 
separation of servers and clients, support for secure communication ... 
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David Guerrero 

February 1999 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: P| htmK20.30 KB) Additional Information: full citation , abstract , references 

Caching the Web, Part 2: This month Mr. Guerrero tells us about the definitive proxy- 
cache server. Squid 

^ New design concepts for an intelligent Internet 
Geng-Sheng Kuo, Jing-Pei Lin 

November 1998 Communications of the ACM, volume 4i issue ii 
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Gilbert A. Held 

May 1999 International Journal of Network Management, volume 9 issue 3 
Publisher: John Wiley & Sons, Inc. 

Full text available: pdf(129.46 KB) Additional Information; full citation , abstract , index terms 

The first line of defense of a network is accomplished through the creation of a router 
access list. This paper examines the creation and application of Cisco access lists and 
explains why they must be applied to an interface to go into effect. Copyright © 1999 
John Wiley & Sons, Ltd. 

Network security, filters and firewalls 
Darren Bolding 

September 1995 Crossroads, volume 2 issue i 
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Full text available: W\ htmlf25.57 KB) Additional Information: full citation , index terms 
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July 1974 Communications of the ACM, volume 17 issue 7 
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Full text available: "P ^pdffl.TS MB) 

terms 

The design of mechanisms to control the sharing of information in the Multics system is 
described. Five design principles help provide insight into the tradeoffs among different 
possible designs. The key mechanisnis described include access control lists, hierarchical 
control of access specifications, identification and authentication of users, and primary 
memory protection. The paper ends with a discussion of several known weaknesses in the 
current protection mechanism design. 

Keywords: Multics, access control, authentication, computer utilities, descriptors, 
privacy, proprietary programs, protected subsystems, protection, security, time-sharing 
systems, virtual memory 



Secure and mobile networking 
Vipul Gupta, Gabriel Montenegro 

December 1998 Mobile Networks and Applications, volume 3 issue 4 

Publisher: Kluwer Academic Publishers 

Additional Information: full citation , abstract , references , citings , index 



Full text available: ■p.l pdf(223.39 KB) 

^ terms 

The IETF Mobile IP protocol is a significant step towards enabling nomadic Internet users. 
It allows a mobile node to maintain and use the same IP address even as it changes its 
point of attachment to the Internet. Mobility implies higher security risks than static 
operation. Portable devices may be stolen or their traffic may, at times, pass through 
links with questionable security characteristics. Most commercial organizations use some 
combination of source-filtering routers, sophisticate ... 

Putting it togethei^ a multi-dimensional approach to Internet security 

Frederick M. Avolio 

May 1998 netWorker, volume 2 issue 2 

Publisher: ACM Press 
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J. Chapin, M. Rosenblum, S. Devine, T. Lahiri, D. Teodosiu, A. Gupta 
^ December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the fifteenth 

ACM symposium on Operating systems principles SOSP '95, volume 29 

Issue 5 

Publisher: ACM Press 

Full text available: ^pdf(1.9Q MB) Additional Information: full citation , references , citings , index terms 



''I A security paradigm for Web databases Q 
Chuanxue Bi, Nenad Jukic 

April 1999 Proceedings of the 37th annual Southeast regional conference (CD-ROM) 
Publisher: ACM Press 

Full text available: 'p!| pdf(24.52 KB) Additional Information: full citation , index terms 



Pakistan On-Line Q 

Rafeeq Ur Rehman 

April 2000 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: W\ html(11.70 KB) Additional Information: full citation , abstract , references , index terms 
Linux is being usedan ISP in Pakistan— Mr. Rehman tells us why. 

13 Security issues surrounding programming languages for mobile code: JAVA vs. Safe- [~\ 
Tel 



Stefanos Gritzalis, George Aggelis 
April 1998 ACM SIGOPS Operating Systems Review, volume 32 issue 2 

Publisher: ACM Press 

Full text available: '^ pdf(1.42 MB) Additional Information: full citation , abstract , references 

JAVA is claimed to be a system programming language having a number of advantages 
over traditional programming languages. These advantages stem from the fact that it is a 
platform - independent language, thus promising truly network oriented computing as 
long as a nearly universal system for distributing applications. On the other hand, 
although being an interpreted, much simpler, scripting language, Safe-Tcl was proposed 
as an executable contents type of MIME and thus as the standard language f ... 

Multi-model parallel programming in psyche 

4^ M. L. Scott, T. J. LeBlanc, B. D. Marsh 

February 1990 ACM SIGPLAN Notices , Proceedings of the second ACM SIGPLAN 

symposium on Principles & practice of parallel programming PPOPP 

'90, Volume 25 Issue 3 

Publisher: ACM Press 

Additional Information: full citation , abstract , references , dtinqs . index 



Full text available: pdf(1.48 MB) 

^'^^^■^ terms 

Many different parallel programming models, including lightweight processes that 
communicate with shared memory and heavyweight processes that communicate with 
messages, have been used to implement parallel applications. Unfortunately, operating 
systems and languages designed for parallel programming typically support only one 
model. Multi-model parallel programming is the simultaneous use of several different 
models, both across programs and within a single program. This paper describes mu ... 

^5 Secure group communications using key graphs Q 
Chung Kei Wong, Mohamed Gouda, Simon S. Lam 

October 1998 ACM SIGCOMM Computer Communication Review , Proceedings of the 
ACM SIGCOMM '98 conference on Applications, technologies, 
architectures, and protocols for computer communication SIGCOMM 
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'98, Volume 28 Issue 4 

Publisher: ACM Press 

Full text available- '^ pdf(1.68 MB) Additional Information: full citation , abstract , references , dtinas . index 
^ ' terms 

Many emerging applications (e.g., teleconference, real-time information services, pay per 
view, distributed interactive simulation, and collaborative work) are based upon a group 
communications model, i.e., they require packet delivery from one or more authorized 
senders to a very large number of authorized receivers. As a result, securing group 
communications (i.e., providing confidentiality, integrity, and authenticity of messages 
delivered between group members) will become a critical network ... 

1^ Multicast security and its extension to a mobile environment Q 
Li Gong, Nachum Shacham 

August 1995 Wireless.Networks, Volume 1 Issue 3 
Publisher: Kluwer Academic Publishers 

Full text available: ' ^pdf(122 MB) Additional Information: full citation , abstract , references , dtinas 

Multicast is rapidly becoming an important mode of communication and a good platform 
for building group-oriented services. To be used for trusted communication, however, 
current multicast schemes must be supplemented by mechanisms for protecting traffic, 
controlling participation, and restricting access of unauthorized users to data exchanged 
by the participants. In this paper, we consider fundamental security issues in building a 
trusted multicast facility. We discuss techniques for group- ... 

17 An architecture for a secure service discovery service [~ | 
Steven E. Czerwinski, Ben Y. Zhao, Todd D. Modes, Anthony D. Joseph, Randy H. Katz 
August 1999 Proceedings of the 5th annual ACM/IEEE international conference on 

Mobile computing and networking 
Publisher: ACM Press 

Full text available: pdf(1.47 MB) Additional Information: full citation , references , citings , index terms 



Problems with DCE security services 
L§> Gregory White, Udo Pooch 

^ October 1995 ACM SIGCOMM Computer Communication Review, Volume 25 issue 5 
Publisher: ACM Press 

Full text available: ' ^pdf(479.39 KB) Additional Information: full citation , abstract , index terms 

Distributed computing is receiving an ever increasing amount of interest and with it come 
many challenges, not the least of which is how to maintain system and network security, 
issues relating to user authentication, access authorization, and communication security 
must be addressed when multiple, heterogeneous systems are connected. While these 
issues have been addressed in OSFs DCE, several problems remain. This paper describes 
some of these problems. 

Napoleon: netvyork application policy environment r~l 
D. Thomsen, R, O'Brien, C. Payne 

October 1999 Proceedings of the fourth ACM workshop on Role-based access control 
Publisher: ACM Press 

Full text available: ^ pdf(902.16 KB) Additional Information: full citation , references , citings , index terms 
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Dan Teodosiu, Joel Baxter, Kinshuk Govil, John Chapin, Mendel Rosenblum, Mark Horowitz 
^ May 1997 ACM SIGARCH Computer Architecture News , Proceedings of the 24th 

annual international symposium on Computer architecture ISCA '97, volume 

25 Issue 2 

Publisher: ACM Press 
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Current shared-nnemory multiprocessors are inherently vulnerable to faults: any 
significant hardware or system software fault causes the entire system to fail. Unless 
provisions are made to limit the impact of faults, users will perceive a decrease in 
reliability when they entrust their applications to larger machines. This paper shows that 
fault containment techniques can be effectively applied to scalable shared-memory 
multiprocessors to reduce the reliability problems created by increased mach ... 
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